Home

Description

In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification of monitoring data.

PUBLISHED Reserved 2025-11-12 | Published 2025-11-18 | Updated 2025-11-18 | Assigner Checkmk




MEDIUM: 4.8CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N

Problem types

CWE-732: Incorrect Permission Assignment for Critical Resource

Product status

Default status
unaffected

2.4.0 (semver) before 2.4.0p16
affected

2.3.0 (semver) before 2.3.0p41
affected

2.2.0 (semver)
affected

2.1.0 (semver)
affected

References

checkmk.com/werk/18570

cve.org (CVE-2025-64996)

nvd.nist.gov (CVE-2025-64996)

Download JSON